<?php
namespace Admin\Controller;
use Think\Controller;
/**
* login
*/
class LoginController extends Controller
{
	public function index()
	{
		$this->display();
	}
	public function verify()
	{
		$Verify = new \Think\Verify();
		$Verify->expire = 120;
		$Verify->useImgBg = true;
		$Verify->fontSize = 20;
		$Verify->length = 4;
		$Verify->imageW = 142;
		$Verify->imageH = 40;
		$Verify->useNoise = false;
		$Verify->bg = array(rand(0, 255), rand(0, 255), rand(0, 255));
		$Verify->entry();
	}
	public function checklogin()
	{
		//检查表单数据的有效性
		if (empty(I('post.username'))) {
			$this->error('用户名必须填写');
		}
		//整理需要用户验证的数据
		$map = array();
		$map['username'] = I('post.username');
		$map['active'] = array('gt',0);
		//提取用户数据
		$user = \Org\Util\Rbac::authenticate($map);
		//判断是否能提取用户数据
		if (empty($user)) {
			$this->error('用户不存在或者被禁用');
		} else {
			//如果用户数据提取成功，判断密码是否输入正确
			if ($user['password'] != md5(I('post.password'))) {
				$this->error('用户密码输入错误');
			}
			$_SESSION[C('USER_AUTH_KEY')] = $user['id'];
			$_SESSION['email'] = $user['email'];
			//超级管理员认证
			if ($user['username'] == 'admin') {
				$_SESSION[C('ADMIN_AUTH_KEY')] = true;
			}
			$u = M('User');
			$row['id'] = $user['id'];
			$row['last_logdate'] = time();
			$u->save($row);

			//缓存访问权限
			\Org\Util\Rbac::saveAccessList();

			//页面登录成功跳转
			$this->assign('jumpUrl',__APP__.'/'.MODULE_NAME.'/Index/index');
			$this->success('登录成功');
		}
	}
	public function logout()
	{
		if (!empty($_SESSION[C('USER_AUTH_KEY')])) {
			unset($_SESSION[C('USER_AUTH_KEY')]);
			$_SESSION = array();
			session_destroy();
			$this->assign('jumpUrl',__APP__.'/'.MODULE_NAME.'/login');
			$this->success('登出成功');
		} else {
			$this->assign('jumpUrl',__APP__.'/'.MODULE_NAME.'/login');
			$this->error('未登录');
		}
	}
}